Identity crime experts have warned of “multi-layered crises” after revealing that many victims dealt with two or more incidents over the past year.
The findings come from US non-profit the Identity Theft Resource Center (ITRC), which analyzed data from over 6000 reports submitted to it between April 1 2025 and March 31 2026.
Its 2026 Trends in Identity Report revealed that nearly 26% of victims managed two or more concurrent identity crime incidents, up from 24% the previous year.
ITRC chief operating and programs officer, Mona Terry, said that identity crimes are becoming increasingly complex.
“It is not just about the number of crimes, but also the pattern they follow,” she added. “A single compromise can trigger a chain reaction that spreads across multiple accounts and institutions, making it much harder for people to recover.”
Read more on identity crime: A Quarter of Scam Victims Have Considered Self-Harm
The increase in multiple identity crime events could be down in part to a surge in unauthorized device/PC access. The category accounted for 27% of identity compromise incidents reported in the period, up 78% annually.
It’s now the primary threat for adults aged 35–64, the report noted.
“Once an attacker controls a phone or laptop, they are not just stealing data. They can intercept recovery codes, approve login prompts, read work email and use trusted sessions to bypass controls that look strong on paper,” explained AttackIQ field CISO, Pete Luban.
“Organizations need to test whether those paths actually hold up under real attack conditions. If a stolen session or compromised device can move freely, identity protection becomes more of a hope than a defense.”
Identity Misuse and Recovery Rates
Account takeovers represented the largest share (50%) of identity misuse cases logged by the ITRC during the period.
Nearly two-thirds (38%) were tracked as new account fraud, while fraudulent employment (5%), criminal acts committed using PII (4%) and “IRS misuse” (3%) comprised a smaller share.
Interestingly, fraudulent employment accounted for 40% of misuse cases for children, indicating that their identities are frequently used to illegally secure jobs.
Attempted misuse caught by financial institutions rose by nearly 27%.
Although around half (53%) of victims experiencing no financial loss were able to reach a resolution, the figure fell to just 9% of those who did lose money.
Joshua Roback, principal security solution architect at Swimlane, argued that siloed back-office teams can complicate the recovery process for victims.
“Identity crime does not stay neatly inside one fraud ticket or one helpdesk request. It touches customer support, IT, legal, finance, and the SOC at the same time,” he said.
“When those teams work in separate systems, response slows down and victims get stuck repeating the same story. AI-driven automation can help security operations connect those workflows, surface the right evidence, and move response steps forward before delays pile up.”
